The Northern Lincolnshire and Goole NHS Foundation Trust declared a “major incident” after a “computer virus” infected its systems on Sunday, 30 October and full service didn’t resume until Wednesday 2 November.

“Our teams took immediate action upon detection of the attack, minimising its impact. The Trust took the decision to halt routine appointments in order to ensure patient safety while we eradicated the issue,” said Pam Clipson, director of strategy and planning at Northern Lincolnshire and Goole NHS Foundation Trust.

“Any potentially encrypted servers were checked and cleansed both prior to switching off and before returning to ‘live’ status,” she said.

In an email to ZDNet, an NHS spokesperson confirmed that no ransom was paid to the perpetrators of the attack in order to restore systems.

Due to the ongoing investigation the Trust isn’t going into details about how systems became infected with ransomware, but said rumours that the infection came from a USB stick or staff working remotely have “no grounding in fact”.

Northern Lincolnshire and Google NHS Foundation Trust said it has “acted swiftly to enhance our existing cyber security” but Clipson said specific information won’t be shared “in order to maintain security and support the police investigation”.

Globe2 is yet another variant of the booming epidemic of file encrypting ransomware. While the Trust isn’t willing to go into details about how their systems became infected, much like other forms of ransomware, Globe2 commonly infects users via the medium of phishing emails containing malicious links.